GLOSSARY 


access control list (ACL) — A list of security identifiers that are contained by a resource object. Only those processes with the appropriate access token can activate the services of that object.

access token — Objects containing the security identifier of an active process. These tokens determine the security context of the process.

account lockout policy — Defines the conditions that result in a user account being locked out.

Active Directory — A centralized resource and security management, administration, and control mechanism used to support and maintain a Windows 2000 domain. The Active Directory is hosted by domain controllers, and contains information about a domain’s user accounts, group memberships, group policies, and access controls for resources.

active partition — The partition that the computer uses to boot.

Address Resolution Protocol (ARP) — The IP protocol used to resolve numeric IP addresses into their MAC layer physical address equivalents.

Administrator — The Windows 2000 account designed to perform a full array of management functions.

Advanced RISC Computing (ARC) pathname — Naming convention used in the Boot.ini file to define the particular hard disk and partition where Windows 2000 operating system files reside.

alert — A watchdog that informs you when a counter crosses a defined threshold. An alert is an automated attendant looking for high or low values, and can consist of one or more counter/instance-based alert definitions.

answer file — A text file that contains a complete set of instructions for installing Windows 2000.

AppleTalk — The network protocol stack used predominantly in Apple Macintosh networks; this protocol is bundled with Windows 2000.

applet — A tool or utility found in the Control Panel that typically has a single focused purpose or function.

Application log — A log automatically created by Windows 2000 that records application events, alerts, and system messages.

application programming interface (API) — A set of software routines referenced by an application to access underlying application services.

architecture — The layout of operating system components and their relationships to one another.

Asynchronous Transfer Mode (ATM) — A cell-oriented, fiber- and copper-based networking technology that supports data rates from 25 Mbps to as high as 2.4 Gbps.

audit policy — Defines the events that are recorded in the Security log of the Event Viewer.

auditing — The recording of the occurrence of a defined event or action.

authentication — The process of validating a user’s credentials to allow access to certain resources.

author mode — The condition of a console that allows users to add and remove snap-ins, create new windows, view the entire console tree, and save new versions of the console.

backup type — A backup configuration that determines how often data is backed up and the way old and new files should be handled. The types of backups are copy, daily, differential, incremental, and normal.

Backup utility — A tool that enables users to back up and restore their data and system configurations in case of a hardware or software failure.

base priority — The lowest priority that a thread may be assigned, based on the priority assigned to its process.

baseline — A definition of what a normal load looks like on a computer system; it provides a point of comparison against which you can measure future system behavior.

basic storage — The drive division method that employs partitions.

bindery — The database used by versions of NetWare before 4.0 to store network resource configuration information.

binding — The process of developing a stack by linking network services and protocols. The binding facility allows users to define exactly how network services operate in order to optimize the network performance.

BIOS (basic input/output system) — A special PC ROM chip that contains sufficient program code to let a computer perform a POST routine, to check its hardware components, and to operate basic input and output routines for keyboard or mouse input, and screen output.

boot loader — The software that shows all operating systems currently available and, via a menu, permits the user to choose which one should be booted.

boot partition — The partition that hosts the main Windows 2000 system files and is the initial default location for the paging file. The boot partition can be the same partition as the system partition, or it can be any other partition (or logical drive in an extended partition) on any drive hosted by the computer.

boot phase — Any of a number of stages in the Windows 2000 boot process, starting with the power-on self test (POST), through initial startup activities, to activation of a boot loader program, to selection of the operating system (or version) to boot, to hardware detection (Ntdetect), to selecting a configuration.

boot process — The process of bringing up a completely functional computer, starting from initial power-up (or reboot) through the boot phases and load phases involved in starting the hardware, finding a boot loader, and then loading and initializing an operating system.

boot selection menu — The list of bootable operating systems (or versions) that Boot.ini provides for display at the end of the Windows 2000 boot phase.

Boot.ini — The text file that creates the Windows 2000 boot loader’s menu.

bottleneck — A system resource or device that limits a system’s performance. Ideally, the user should be the bottleneck on a system, not any hardware or software component.

bound application — An application capable of running under the OS/2 subsystem or in a virtual DOS machine. If the OS/2 subsystem is available, it will be used by default.

boundary layer — Microsoft term for an interface that separates two classes of network or other system components. Boundary layers make it simpler for developers to build general-purpose applications without requiring them to manage all the details involved in network communications.

certificate — An electronic identity verification mechanism. Certificates are assigned to a client or server by a certificate authority. When communication begins, each side of the transmission can decide to either trust the other party based on its certificate and continue with the communication or not to trust the other party and terminate communication.

characterization data file — The file responsible for rendering the GDI commands into DDI commands that can be sent to the printer. Each graphics driver renders a different printer language.

child process — A process spawned within the context of some Windows 2000 environment subsystems (Win32, OS/2, or POSIX) that inherits operating characteristics from its parent subsystem, and access characteristics from the permissions associated with the account that requested it to be launched.

clean installation — See fresh installation.

client — A computer used to access network resources.

client application (see also print client) — An application or service that creates print jobs for output, which may be either end-user-originated or created by a print server itself.

Client Service for NetWare (CSNW) — Service included with Windows 2000 Professional that provides easy connection to NetWare servers.

cluster — One or more sectors grouped into a single non-divisible unit.

CMOS (complementary metal-oxide semiconductor) — A special, battery-powered chip that can store not only the software necessary to conduct the POST, but also the basic, nonvolatile configuration information that POST uses to check the RAM installed in a system, the number and type of hard drives, the type of keyboard and mouse, and so forth.

computer information file (CIF) — A detailed collection of all information related to the hardware and software products that compose your computer (and even your entire intranet).

connecting to a printer — The negotiation of a connection to a shared printer through the browser service from a client or service across the network to the machine where the shared printer resides.

connection-oriented — A class of network transport protocols that includes guaranteed delivery, explicit acknowledgment of data receipt, and a variety of data integrity checks to ensure reliable transmission and reception of data across a network. Although reliable, connection-oriented protocols can be slow because of the overhead and extra communication.

connectionless — A class of network transport protocols that makes only a “best effort” attempt at delivery, and that includes no explicit mechanisms to guarantee delivery or data integrity. Because such protocols need not be particularly reliable, they are often much faster and require less overhead than connection-oriented protocols.

console — The collection of snap-ins and extensions saved as an .msc file loaded into the MMC that offers administrative controls.

container — A logical component used for delegation. Containers contain objects such as “user” type or “computer” type objects.

context — (1) The collection of Registry values and run-time environment variables in which a process or thread is currently running. (2) The location of an NDS object in the NDS tree.

context switch — The act of unloading the context information for one process and replacing it with the information for another, when the new process comes to the foreground.

Control Panel — The collection or organization of tools and utilities, called applets, within Windows 2000 (and Windows 95, 98, and Windows NT) where most system- and hardware-level installation and configuration take place.

control set — A special set of Registry values that describes a Windows 2000 machine’s startup configuration that is saved each time a Windows machine is shut down (as the current configuration) and each time a user successfully logs on for the first time after bootup (as the Last Known Good Configuration).

cooperative multitasking — A computing environment in which the individual application maintains control over the duration that its threads use operating time on the CPU.

copy backup — A method of backing up all selected files without marking them as being backed up.

counter (or performance counter) — A named aspect or activity that the Performance tool uses to measure or monitor some aspect of a registered system or application object.

Counter log — A log that records measurements on selected counters at regular, defined intervals. Counter logs allow you to define exactly which counters are recorded (based on computer, object, counter, and instance).

creating a printer — Setting up a printer for local use.

critical section — In operating system terminology, this refers to a section of code that can only be accessed by a single thread at any one time, to prevent uncertain results from occurring when multiple threads attempt to change or access values included in that code at the same time.

daily backup — A method of backing up only the selected files that have been created or modified on the day that the backup is being performed. They are not marked as being backed up.

Data Link Control (DLC) — A low-level network protocol designed for mainframe connectivity, remote booting, and network printing.

data type — (1) The format in which print jobs are sent to the spooler. Some data types are ready for printing (RAW) and some require further preparation (EMF). (2) The setting on a Registry value entry that defines the data format of the stored information.

defragmentation — The process of reorganizing files so they are stored contiguously and no gaps are left between files.

delegation — The process of assigning groups or individuals access to manage objects. In Active Directory, delegation allows a domain to be segmented into various logical components. Permissions to manage these logical segments can also be delegated.

demand paging — The act of requesting free pages of memory from RAM for an active application.

device — A physical component either internal or external to the computer that is used to perform a specific function. Devices include hard drives, video cards, network interface cards, and printers.

Device Driver Interface (DDI) — A specific code component that handles the translation of generic print commands into device-specific equivalents, immediately prior to delivery of a spool file to a print device.

differential backup — A method of backing up selected files that have been created or modified since the last full backup. They are not marked as being backed up.

direct-attached printer — A print device attached directly to a computer, usually through a parallel port (see also network interface printer).

directory — An information source used to store information about useful, manageable objects.

directory service — A service that differs from a directory in that it is defined as both the directory information source (that is, the database) and the services (that is, LDAP) that make information available to and usable by the users and administrators.

disabled — The state of a user account which is retained on the system but cannot be used to log on.

disk bottleneck — A system bottleneck caused by a limitation in a computer’s disk subsystem, such as a slow drive or controller, or a heavier load than the system can handle.

Disk Management — The Microsoft Management Console (MMC) snap-in used to manage drives.

disk quota — A limitation on the amount of disk space that can be consumed by a user.

Distributed File System (DFS) — A Windows 2000 Server hosted service used to manipulate and manage shared resources from various locations throughout a network in a single hierarchical system.

DMA (direct memory access) — A channel used by a hardware device to access memory directly, bypassing the CPU. Windows 2000 supports eight DMA channels, numbered 0 through 7.

docking station — An expansion device for notebook computers that allows additional peripherals to be used by the portable computer. Typically, a docking station is used to add a full-sized monitor, keyboard, mouse, CD-ROM drive, tape backup, or printer to a notebook computer.

domain — An organizational unit used to centralize network users and resources.

domain controller (DC) — A computer that maintains the domain’s Active Directory, which stores all information and relationships about users, groups, policies, computers, and resources.

domain model — The networking setup in which there is centralized administrative and security control. One or more servers are dedicated to the task of controlling the domain, providing access and authentication for shared domain resources to member computers.

Domain Name Service (DNS) — TCP/IP service that is used to resolve names to IP addresses.

domain security — The control of user accounts, group memberships, and resource access for all members of a network instead of for only a single computer.

domain user account — A user account that can be used throughout a domain.

DOS operating environment — A general term used to describe the reasonably thorough DOS emulation capabilities provided in a Windows 2000 virtual DOS machine (VDM).

Dr. Watson — An application error debugger. This diagnostic tool detects application failures and logs diagnostic details.

drive letter — One of two methods of accessing file system resources on formatted volumes under Windows 2000. A drive letter can be assigned to a partition or volume or a drive configuration of multiple components.

driver — A software element that is used by an operating system to control a device. Drivers are usually device-specific.

DsCrackNames — A specific Windows 2000 NTDS API (NT Directory Services application programming interface) that accepts a name and then outputs the desired result. As an example, you could offer DsCrackNames a Windows NT 4 style name “DOMAIN\USER” and request a User Principal Name (UPN). Your result would be user@domain.com.

dual-boot system — A multiboot system with only two operating systems.

Dynamic Data Exchange (DDE) — A method of interprocess communication within the Windows operating system.

Dynamic Host Configuration Protocol (DHCP) — An IP-based address management service that permits clients to obtain IP addresses from a DHCP server. This allows network administrators to control and manage IP addresses centrally, rather than on a per-machine basis.

dynamic link library (DLL) — A Microsoft Windows executable code module that is loaded on demand. Each DLL performs a unique function or small set of functions requested by applications.

dynamic storage — The drive division method that employs volumes. It is a new standard supported only by Windows 2000.

effective policy — The cumulative result of the priority application of group policies.

Emergency Repair Disk (ERD) — A disk that contains configuration information about your PC. It can be used to restore a PC if Windows will not start or the system files are corrupt or missing.

encrypting file system (EFS) — A security feature of NTFS under Windows 2000 that allows files, folders, or entire drives to be encrypted. Once encrypted, only the user account that enabled the encryption has the proper private key to decrypt and access the secured objects.

enhanced metafile (EMF) — Device-independent spool data used to reduce the amount of time spent processing a print job. Once it’s queued, EMF data requires additional processing to prepare it for the printer.

environment subsystem — A mini-operating system running within Windows 2000, providing an interface between applications and the kernel. Windows 2000 has three environment subsystems: Win32, OS/2, and POSIX, but only Win32 is required for Windows 2000 to function.

Ethernet II — An older version of Ethernet that preceded the 802.3 specification, offering the same 10 Mbps as standard Ethernet, but using a different frame format.

event — Any significant occurrence in the system or in an application that requires users to be notified or a log entry to be added. Types of events include audits, driver failures, user logons, process launchings, and system shutdowns.

Event Viewer — A system utility that displays one of three event logs: System, Security, and Application, wherein logged or audited events appear. The Event Viewer is often the first stop when monitoring a system’s performance or seeking evidence of problems because it is where all unusual or extraordinary system activities and events are recorded.

Executive Services — The collection of kernel mode components designed for operating system management.

extended partition — A type of partition on a basic disk that can be divided into logical drives. Only a single extended partition can exist on a physical disk, and when present only three primary partitions can exist.

extension — A component that adds additional functions to a snap-in.

FAT (file allocation table) or FAT16 — The file system used in versions of MS-DOS. Supported in Windows 2000 in its VFAT form, which adds long filenames and 4 GB file and volume sizes.

FAT32 — The 32-bit FAT file system. As supported under Windows 2000, it can be used to format partitions or volumes up to 32 GB.

FDISK — A DOS utility used to partition a hard disk. The DOS FDISK tool can only recognize and manipulate primary NTFS partitions; it cannot even view logical drives in an extended partition formatted with NTFS.

Fiber Distributed Data Interface (FDDI) — A 100 Mbps fiber-based networking technology.

file system — The method used to arrange files on disk and read and write them. Windows 2000 supports NTFS, FAT, and FAT32 disk file systems.

File Transfer Protocol (FTP) — The protocol and service that provides TCP/IP-based file transfer to and from remote hosts and confers the ability to navigate and operate within remote file systems.

flush — The activity of forcing the memory-resident copy of the Registry to be written to files stored on the hard drive. A flush occurs at shutdown, when forced by an application, or just after a Registry alteration.

folder redirection — A component of IntelliMirror technologies that uses group policies to place specified user folders on a share on the network.

format — Rewriting the track and sector information on a disk. This process removes all data previously on the disk.

fragmentation — The division of a file into two or more parts where each part is stored in a different location on the hard drive. As the level of fragmentation on a drive increases, the longer it takes for read and write operations to occur.

frame type — One of four available packet structures supported by IPX/SPX and NWLink. The four frame types supported are Ethernet 802.2, Ethernet 802.3, Ethernet II, and Ethernet SNAP.

fresh installation — The installation method in which an operating system is installed without regard to preexisting operating systems. In other words, all settings and configurations are set to the OS’s defaults.

gateway — A computer that serves as a router, a format translator, or a security filter for an entire network.

global group — A group which exists throughout a domain. A global group can be created only on a Windows 2000 Server system.

graphical device interface (GDI) — The portion of the Windows 2000 operating system responsible for the first step of preparing all graphical output, whether to be sent to a monitor or to the printer.

group policy — An MMC snap-in that is used to specify desktop settings for group members.

groups — Named collections of users to which you assign permissions. For example, the Administrators group contains all users who require administrative access to network resources and user accounts.

handle — A programming term that indicates an internal identifier for some kind of system resource, object, or other component that must be accessed by name (or through a pointer). In Task Manager, the number of handles appears on the Performance tab in the Totals pane. A sudden increase in the number of handles, threads, or processes can indicate that an ill-behaved application is running on a system.

hardware abstraction layer (HAL) — One of the few components of the Windows 2000 architecture that is written in hardware-dependent code. It is designed to protect hardware resources.

hardware compatibility list (HCL) — Microsoft’s updated list of supported hardware for Windows 2000.

hardware profile — A collection of custom device settings used on computers with changing physical components.

hive — A discrete body of Registry keys, subkeys, and values stored in a file.

HKEY_CLASSES_ROOT — This Registry key contains the value entries that control the relationships between file extensions (and therefore file format types) and applications. This key also supports the data used in object linking and embedding (OLE), COM object data, and file-class association data. This key actually points to another Registry key named HKEY_LOCAL_MACHINE\Software\Classes, and provides multiple points of access to make itself easily accessible to the operating system itself and to applications that need access to the compatibility information already mentioned.

HKEY_CURRENT_CONFIG — This Registry key contains the value entries that control the currently active hardware profile. The contents of this key are built each time the system is booted. This key is derived from data stored in the HKEY_LOCAL_MACHINE\System\CurrentControlSet\HardwareProfiles\Current subkey. This key exists to provide backward compatibility with Windows 95/98 applications.

HKEY_CURRENT_USER — This Registry key contains the value entries that define the user environment for the currently logged on user. This key is built each time a user logs on to the system. The data in this key is derived from the HKEY_USERS key and the Ntuser.dat and Ntuser.man files of a user’s profile.

HKEY_LOCAL_MACHINE — This Registry key contains the value entries that control the local computer. This includes hardware devices, device drivers, and various operating system components. The data stored in this key is not dependent on a logged on user or the applications or processes in use.

HKEY_USERS — This Registry key contains the value entries that define the user environments for all users who have ever logged on to this computer. As a new user logs on to this system, a new subkey is added for that user, which is either built from the default profile stored in this key or from the roaming user profile associated with the domain user account.

HOSTS — A static file placed on members of a network to provide name resolution between hosts and IP addresses.

hot fix — Similar to a service pack, except that a hot fix addresses only a single problem, or a small number of problems, and may not be fully tested.

I/O port — The section of memory used by the hardware to communicate with the operating system. When an IRQ is used, the system checks the I/O port memory area for additional information about what function is needed by the device. The I/O port is represented by a hexadecimal number.

identification — The process of establishing a valid account identity on a Windows 2000 machine by supplying a correct and working domain name (if necessary) and an account name at logon.

idle disconnect — A feature that breaks off a RAS connection after a specified period of time has gone by with no activity. This feature reduces the costs of remote access, helps you troubleshoot by closing dead connections, and frees up inactive RAS ports.

imported user account — A local account created by duplicating the name and password of an existing domain account. An imported account can be used only when the Windows 2000 Professional system is able to communicate with the domain of the original account.

incremental backup — A method of backing up selected files that have been created or modified since the last normal or incremental backup. These files are marked as being backed up.

inheritance — A process that lets a given ACE propagate from the container where it was applied to all children of the container.

input message queue — A queue for each process, maintained by the Win32 subsystem, that contains the messages sent to the process from the user, directing its threads to do something.

instance — A selection of a specific object when more than one is present on the monitored system; for example, multiple CPUs or hard drives.

Integrated Services Digital Network (ISDN) — A direct, digital, dial-up Public Switched Telephone Network (PSTN) Data Link layer connection that operates at 64 KB per channel over regular twisted-pair cable between a subscriber site and a PSTN central office.

IntelliMirror — A set of features within Windows 2000 that utilizes policies, folder redirection, and the Windows Installer Service (WIS) for backing up and restoring users’ data, personalized settings, and applications.

Internet Control Message Protocol (ICMP) — The protocol in the TCP/IP suite that handles communication between devices about network traffic, quality of service, and requests for specific acknowledgments (such as those used in the PING utility).

Internet Printing Protocol (IPP) — A new Windows 2000 protocol that adds Web support to the print subsystem. IPP allows remote users to submit print jobs for printing, view printer queues, and download print drivers.

Internet Protocol (IP) — The protocol that handles routing and addressing information for the TCP/IP protocol suite. IP provides a simple connectionless transmission that relies on higher-layer protocols to establish reliability.

Internet Protocol Security (IPSec) — A security protocol that secures data at the packet level.

Internetwork Packet Exchange (IPX) — The protocol developed by Novell for its NetWare product. IPX is a routable, connection-oriented protocol similar to TCP/IP but much easier to manage, and with lower communication overhead.

interprocess communication (IPC) — The mechanism that defines a way for internal Windows processes to exchange information.

IPX/SPX — The protocol suite consisting of IPX and SPX. See IPX and SPX for more information.

IRQ (interrupt request) — The interrupt request level that is used to halt CPU operation in favor of the device. Windows 2000 supports 16 interrupts, namely IRQ 0 through 15.

Kerberos — An encryption authentication scheme 
employed by Windows 2000 to verify the identity 
of a server and a client before actual data is 
transferred. 

kernel — The part of Windows 2000 composed of 
system services that interact directly with applica- 
tions; it controls all application contact with the 
computer. 

kernel mode — Systems running in kernel mode are 
operating within a shared memory space and with 
access to hardware. Windows 2000 Executive 
Services operates in kernel mode. 

key — A top-level division of the Registry. There are 
five keys in a Windows 2000 Registry. A key can 
contain subkeys. 

language monitor — The part of the print monitor 
that sets up bidirectional messaging between the 
printer and the computer initiating the print job. 

Last Known Good Configuration (LKGC) — 
The control set for Windows 2000 that is automati- 
cally saved by the system in a special set of Registry 
keys the first time a user logs on successfully to a 
system immediately after it has booted up. This 
information provides a safe fallback to use when 
booting the system the next time, if changes made 
to the Registry in the interim cause problems with 
booting (or if changes have been introduced that a 
user does not wish to retain on that system). 

Layer 2 Tunneling Protocol (L2TP) — AVPN 
(virtual private network) protocol developed by 
Cisco to improve security over Internet links by 
integrating with IPSec (IP Security). 

Lightweight Directory Access Protocol (LDAP) 
— An X.500-based protocol used to access infor- 
mation directories. 

LMHOSTS — File used in Microsoft networks to 
provide NetBIOS name-to-address resolution. 
load phase — The Windows 2000 load phase begins 

when the kernel assumes control of the machine, 
and consists of the following five steps: (1) loading 
the kernel, (2) initializing the kernel, (3) loading 
services, (4) starting the Windows 2000 system, and 
(5) logging on. All five steps must be completed 
successfully for a complete load to occur. 


local computer policy — A Windows 2000 secu- 
rity control feature used to define and regulate 
security-related features and functions. 

local computer security — The control of user 
accounts, group memberships, and resource access for 
a single computer. 

local group — A group which exists only on the 
computer where it was created. A local group can 
have users and global groups as members. 

local procedure call (LPC) — A technique to per- 
mit processes to exchange data in the 
Windows 2000 run-time environment. LPCs 
define a rigorous interface to let client programs 
request services, and to let server programs 
respond to such requests. 

local profile — A set of specifications and prefer- 
ences for an individual user stored on a local 
machine. 

Local Security Policy — The centralized control 
mechanism which governs password, account 
lockout, audit, user rights, security options, public 
key, and IP security. 

local user account — A user account that exists on 
a single computer. 

locked out — The state of a user account that is dis- 
abled because of repeated failed logon attempts. 

logon authentication — The requirement to pro- 
vide a name and password to gain access to the 
computer. 

logon script — A code script that can map drive 
letters, launch applications, or perform other 
command-line operations each time the 
system boots. 

long filenames (LFNs) — Filenames up to 256 
characters in length, supported by all file systems 
under Windows 2000. 

mandatory profile — A user profile which does 
not retain changes after the user logs out. 
Mandatory profiles are used to maintain a com- 
mon desktop environment for users. 

mapped drive — A share on Windows 2000 or 
NT servers that has been linked to drive letters on 
the client. 

master boot record (MBR) — The first sector on 
a hard disk, which contains executable code and a 
partition table, which stores information about the 
disk’s primary and extended partitions. A func- 
tioning MBR is required to boot a hard disk. 


memory bottleneck — A system bottleneck caused 
by a lack of available physical or virtual memory 
that results in system slowdown or (in extreme 
cases) an outright system crash. 

memory page — See page. 

Microsoft Management Console (MMC) — The 
standardized interface into which consoles, snap- 
ins, and extensions are loaded to perform adminis- 
trative tasks. 

mirrored volume — A drive configuration in which a single volume is duplicated onto another volume on a different hard drive, providing fault tolerance. In Windows NT, a mirror onto a drive hosted by a different drive controller was called duplexing, but this distinction is no longer used in Windows 2000 (Windows 2000 Server only). 

mismatched document — A document with 
incompatible printer and page settings (that is, the 
page settings are impossible to produce given the 
existing printer settings). 

mode — A programming and operational separation 
of components, functions, and services. 

mount point or mounted volume — A new 
drive access technique that maps a volume or par- 
tition to an empty directory on an NTFS volume 
or partition. 

MS-DOS — One of the most popular character- 
based operating systems for personal computers. 
Many DOS concepts are still in use by modern 
operating systems. 

multiboot system — A computer that hosts two or 
more operating systems that can be booted by 
selecting one from a boot menu or boot manager 
during each power on. 

Multilink PPP — The ability of RAS to aggregate 
multiple data streams into one network connection 
for the purpose of using more than one modem or 
ISDN channel in a single connection. 

Multiple Universal Naming Convention 
Provider (MUP) — A Windows 2000 software 
component that allows two or more UNC 
providers (for example, Microsoft networks and 
NetWare networks) to exist simultaneously. The 
MUP determines which UNC provider will han- 
dle a particular UNC request and forwards the 
request to that provider. 


multiple-user system — An operating system 
which maintains separate and distinct user 
accounts for each person. 

multiprocessing — The ability to distribute threads 
among multiple CPUs on the same system. 

multitasking — Sharing processor time between 
threads. Multitasking may be preemptive (one 
thread may bump another one if the thread really 
needs the processor), or cooperative (one thread 
will retain control of the processor until its turn to 
use it is over). Windows 2000 uses preemptive 
multitasking except in the context of the WOW 
operating environment, because Windows 3.x 
applications expect cooperative multitasking. 

multithreaded process — A process with more 
than one thread running at a time. 

multithreading — The ability of an operating system 
and hardware to execute multiple pieces of code (or 
threads) from a single application simultaneously. 

multi-master replication — A replication model 
that is different from other models because any 
domain controller can accept and replicate direc- 
tory changes. 

Multi-Provider Router (MPR) — A file system 
service that can designate the proper redirector to 
handle a resource request that does not use UNC 
naming. The MPR lets applications written to 
older Microsoft specifications behave as if they 
used UNC naming. The MPR is able to recognize 
those UNCs that correspond to defined drive 
mappings. 

naming convention — A standardized regular 
method of creating names for objects, users, com- 
puters, groups, etc. 

NDS tree — The hierarchical representation of 
the Novell Directory Services database on 
NetWare 4.0 and higher networks. 

NetBIOS Enhanced User Interface (NetBEUI) 
— A simple transport program developed to 
support NetBIOS installations. NetBEUI is 
not routable, so it is not appropriate for larger 
networks. 

NetBIOS gateway — A service provided by RAS 
that allows NetBIOS requests to be forwarded 
independently of transport protocol. For example, 
NetBEUI can be sent over the network via 
NWLink. 


NetWare Core Protocol (NCP) — The protocol 
used by CSNW to make file and print services 
requests of NetWare servers. 

network adapter — Another name for network 
interface card (NIC), the piece of hardware that 
enables communication between the computer 
and the network. 

network authentication — Part of the act of con- 
necting to or accessing resources from some other 
member of the domain network. Network authenti- 
cation is used to prove that you are a valid member 
of the domain, that your user account is properly 
authenticated, and that you have access permissions 
to perform the requested action. 

Network Basic Input/Output System (NetBIOS) — A client/server interprocess communication service developed by IBM in 1985. NetBIOS presents a relatively primitive mechanism for communication in client/server applications, but allows an easy implementation across various Microsoft Windows computers. NetBIOS is also the method used by LAN Manager for network naming and transport functions. 

network bottleneck — A system bottleneck caused by excessive traffic on the network medium to which a computer is attached, or by the computer itself generating excessive amounts of such traffic. 

Network Driver Interface Specification (NDIS) 
— Microsoft specification that defines parameters 
for loading more than one protocol on a network 
adapter. 

Network Dynamic Data Exchange (NetDDE) 
— An interprocess communication mechanism 
developed by Microsoft to support the distribution 
of DDE applications over a network. 

Network File System (NFS) — A UDP-based net- 
worked file system originally developed by Sun 
Microsystems and widely used on many TCP/IP 
networks. (Windows 2000 does not include built-in 
NFS support, but numerous third-party options are 
available.) 

network interface printer — A print device attached directly to the network medium, usually by means of a built-in network interface integrated within the printer, but sometimes by means of a parallel-attached network printer interface. 

network number — The specific network 
identifier used by IPX for internal and network 
communication. 

normal (or full) backup — A method of backing 
up all selected files and marking them as being 
backed up. 

Novell Directory Services (NDS) — The hierar- 
chical database used by NetWare 4.0 and higher 
servers to store network resource object configura- 
tion information. 

NTFS (New Technology File System) — The 
preferred file system of Windows 2000. Supports 
file level security, encryption, compression, auditing, 
and more. Supports volumes up to 2 TB. 

Ntldr — The Windows 2000 loader program that 
manages the boot and load phases of Windows 2000 
on a PC, as soon as the MBR passes control to 
that program, through the loading of Ntoskrnl.exe 
(the Windows 2000 kernel program), which com- 
pletes the loading of the operating system itself. 

NTLM (NT LAN Manager) authentication — 
The authentication mechanism used on 
Windows NT that is retained by Windows 2000 
for backward compatibility. 

NWLink — Microsoft’s implementation of Novell’s 
IPX/SPX protocol suite. 

object — Everything within the Windows 2000 
operating environment is an object. Objects 
include files, folders, shares, printers, and processes. 

Open Datalink Interface (ODI) — A part of the 
Novell protocol suite that provides the ability to 
bind more than one protocol to an adapter. 

operating system — Software designed to work 
directly with hardware to provide a computing 
environment within which production and enter- 
tainment software can execute, and which creates 
a user interface to allow human interaction with 
the computer. 

organizational unit (OU) — A container object 
that is an administrative partition of the Active 
Directory. OUs can contain users, groups, resources, 
and other OUs. OUs enable the delegation of 
administration to distinct subtrees of the directory. 

OS/2 — An operating system developed by IBM. 
Windows 2000 offers some OS/2 application 
support. 


OS/2 subsystem — The Windows 2000 subsystem 
used for running OS/2 applications; an emulation 
of OS/2 version 1.x (character mode only). 

Packet Internet Groper (PING) — An IP-based 
utility that can be used to check network connec- 
tivity or to verify whether a specific host else- 
where on the network can be reached. 

page — A 4 KB chunk of data, which is the smallest 
unit managed by the Virtual Memory Manager. 
Pages are moved around physical RAM and to 
and from the paging file. 

paging file — A file stored on a hard drive, 
employed by the Virtual Memory Manager as a 
temporary storage container for inactive memory 
pages. Its name is Pagefile.sys. 

parent process — The Windows 2000 environment 
subsystem that creates a run-time process, and 
imbues that child process with characteristics associ- 
ated with that parent’s interfaces, capabilities, and 
run-time requirements. 

partition — A space set aside on a disk and assigned 
a drive letter. A partition may take up all or part of 
the space on a disk. You create partitions when 
installing an operating system or when adding 
new drives. 

partition boot sector — The partition that contains 
the information the file system uses to access the 
volume, including a physical description of the 
disk, the name and version of the operating system 
files, the bootstrap code, and an instruction that 
allows the Master Boot Record to find all this 
information. 

password — A unique string of characters that must 
be provided before a logon or an access is autho- 
rized. Passwords are a security measure used to 
restrict initial access to Windows 2000 resources. 

password policy — Defines the restrictions on 
passwords. 

PC Cards — The modern name of the PCMCIA 
technology. PC Cards are credit card-sized devices 
typically used to expand the functionality of note- 
book or portable computers. 

PCMCIA (Personal Computer Memory Card 
International Association) Cards — The older 
name for the technology now labeled PC Cards. 
PCMCIA Cards are credit card-sized devices typ- 
ically used to expand the functionality of note- 
book or portable computers. 


peer-to-peer — A type of networking in which 
each computer can be a client to other computers, 
and act as a server as well. 

Plug and Play — A technology that allows an operating system to inspect a device, determine exactly what the device is, install the correct driver, and enable the device—all without user interaction. Plug and Play simplifies the addition and removal of hardware and can often offer on-the-fly reconfiguration of devices without rebooting. 

Point-to-Point Protocol (PPP) — A Network 
layer transport protocol that provides connectivity 
over serial or modem lines. PPP can negotiate any 
transport protocol used by both systems involved in 
the link and can automatically assign IP, DNS, and 
gateway addresses when used with TCP/IP. 

Point-to-Point Tunneling Protocol (PPTP) — A 
network protocol that allows users to create secure 
connections to corporate networks over the 
Internet, using virtual private networks (VPNs), 
which use encryption to transport private data 
across public links. 

policy — A set of configuration options that defines 
aspects of Windows 2000 security. 

port — Any physical communications channel to 
which a modem, direct cable, or other device 
can be connected to enable a link between two 
computers. 

port monitor — The part of the print monitor that 
transmits the print job to the print device via the 
specified port. Port monitors are actually unaware 
of print devices as such, but only know that some- 
thing’s on the other end of the port. 

POSIX (Portable Operating System Interface 
for Computing Environments) — A set of 
standards drafted by the Institute of Electrical and 
Electronic Engineers (IEEE) that defines various 
aspects of an operating system, including topics 
such as programming interface, security, network- 
ing, and graphical interface. 

POSIX subsystem — The Windows 2000 subsys- 
tem used for running POSIX applications. 

power-on self test (POST) — The system check 
performed by all computers when they are 
turned on. 

preemptive multitasking — A computing environment in which the operating system maintains control over the duration of operating time any thread (a single process of an application) is granted on the CPU. 

primary partition — A type of partition on a basic 
disk that can be marked active. Up to four primary 
partitions can exist on a physical disk, but only one 
partition can be active. 

principal — A security object in Kerberos. In Active 
Directory the Security Principals include Users, 
Computers, and Groups. 

print client — A network client machine that trans- 
mits print jobs across the network to a printer for 
spooling and delivery to a designated print device 
or printer pool. 

print device — In everyday language, a piece of 
equipment that provides output service—in other 
words, a printer. However, in Microsoft terminol- 
ogy, a printer is a logical service that accepts print 
jobs and delivers them to some print device for 
output when that device is ready. Therefore, in 
Microsoft terminology, a print device is any piece 
of equipment that can produce output, so this 
term would also describe a plotter, a fax machine, 
or a slide printer, as well as a text-oriented output 
device such as an HP LaserJet. 

print job — The contents of a completely or partially 
interpreted data file that contains text and control 
characters that will ultimately be delivered to a 
print device to be printed, or otherwise rendered in 
some tangible form. 

print processor — Software that works with the 
printer driver to despool files and make any neces- 
sary changes to the data to format it for use with 
a particular printer. The print processor itself is a 
PostScript program that understands the format of a 
document image file and how to print the file to 
a specific PostScript printer or class of printers. 

print provider — The server-side software that 
sends the print job to the proper server in the for- 
mat that it requires. Windows 2000 supports both 
Windows network print providers and NetWare 
print providers. 

print resolution — A measurement of the number 
of dots per inch (dpi) that describes the output 
capabilities of a print device; most laser printers 
usually produce output at 300 or 600 dpi. In gen- 
eral, the larger the dpi rating for a device, the bet- 
ter looking its output will be (but high-resolution 
devices cost more than low-resolution ones). 


print router — The software component in the 
Windows 2000 print subsystem that directs print 
jobs from one print server to another, or from a 
client to a remote printer. 

print server — A computer that links print devices 
to the network and shares those devices with 
client computers on the network. 

Print Server services — A collection of named 
software components on a print server that han- 
dles incoming print jobs and forwards them to a 
print spooler for postprocessing and delivery to a 
print device. These components include support 
for special job handling that can enable a variety 
of client computers to send print jobs to a print 
server for processing. 

print spooler — A collection of Windows 2000 
DLLs used to acquire, process, catalog, and dispense 
print jobs to print devices. The spooler acts like a 
holding tank, in that it manages an area on disk 
called the spool file on a print server, where pend- 
ing print jobs are stored until they’ve been success- 
fully output. The term “despooling” refers to the 
process of reading and interpreting what’s in a 
spool file for delivery to a print device. 

printer (logical printer) — In Microsoft termi- 
nology, a printer is not a physical device, but 
rather a named system object that communicates 
between the operating system and some print 
device. The printer handles the printing process 
for Windows 2000 from the time a print com- 
mand is issued, until a print job has been success- 
fully output. The settings established for a printer 
in the Add Printer Wizard in the Printers folder 
(Start, Programs, Printers) indicate which print 
device (or devices, in the case of a printer pool) 
will handle print output, and also provide controls 
over how print jobs will be handled (banner page, 
special postprocessing, and so forth). 

printer driver — Special-purpose software components that manage communications between the I/O Manager and a specific print device. Ultimately, printer drivers make it possible for Windows 2000 to despool print jobs, and send them to a print device for output services. Modern printer drivers also permit the printer to communicate with Windows 2000, and to inform it about print job status, error conditions (out of paper, paper jam, and so forth), and print job problems. 

printer graphics driver — The part of the printer driver that renders GDI commands into device driver interface commands that may be sent to the printer. 

printer interface driver — The part of the printer driver that provides an interface to the printer settings. 

Printer Job Language — A specialized language 
that provides printer control at the print-job level 
and enables users to change printer default levels 
such as number of copies, color, printer languages, 
and so on. 

printer pool — A collection of two or more identi- 
cally configured print devices to which one or 
more Windows 2000 printers direct their print 
jobs. Basically, a printer pool permits two or more 
printers to act in concert to handle high-volume 
printing needs. 

printer priority — The setting that helps to deter- 
mine which printer in a pool will get a given 
print job. The printer with the higher priority is 
more likely to get the print job. 

process — The primary unit of execution in the 
Windows 2000 operating system environment, a 
process may contain one or more execution 
threads, all associated with a named user account, 
SID, and access token. Processes essentially define 
the container within which individual applications 
and commands execute under Windows 2000. 

processor bottleneck — A system bottleneck that 
occurs when demands for CPU cycles from cur- 
rently active processes and the operating system 
cannot be met, usually indicated by high utiliza- 
tion levels or processor queue lengths greater than 
or equal to two. 

profile — See user profile. 

proxy server — Software that sits between network 
users and the Internet, providing a layer of security 
to reduce the risk of network break-ins from the 
Internet. 

public key policy — A security control of 
Windows 2000 whereby recovery agents for EFS 
and domain-wide and trusted certificate authori- 
ties are defined and configured. These policies can 
be enforced on a user-by-user basis. 


PXE (Pre-boot Execution) — A standard environ- 
ment in PC98-compliant computers and network 
computers that can be used for a remote OS 
installation. 

queue (print queue) — A series of files stored in 
sequential order waiting for delivery from a spool 
file to a print device. 

RAID 5 volume — A drive configuration of three 
or more (up to 32) parts of one or more drives or 
three or more (up to 32) entire drives. Data is 
written to all drives in equal amounts to spread the 
workload. Parity information is added to the writ- 
ten data to allow for drive failure recovery. Provides 
fault tolerance. If one partition or drive fails in the 
set, the other members can re-create the missing 
data on the fly. When the failed member is replaced 
or repaired, the data on that drive can be rebuilt 
and restored. This is also known as disk striping 
with parity (Windows 2000 Server only). 

RAW — Device-dependent spool data that is fully 
ready to be printed when rendered. 

real mode — A DOS term that describes a mode of operation for x86 CPUs wherein they can address only 1 MB of memory, broken into 16 64-KB segments, where the lower ten such segments are available to applications (the infamous 640 KB), and the upper six segments are available to the operating system or to special application drivers—or, for Windows 2000, to a VDM. 

Recovery Console — A command-line interface 
that provides administrative tools useful for recov- 
ering a system that is not booting correctly. 

redirector — Software that examines all requests for 
system resources and decides whether such requests 
are local or remote. 

REG_BINARY — A Registry value entry data type 
that stores data in binary format. 

REG_DWORD — A Registry value entry data type 
that stores data in binary, hex, or decimal format. 

REG_EXPAND_SZ — A Registry value entry 
data type that stores data in expandable text-string 
format that contains a variable that is replaced by 
an application when it is used (for example, 
%Systemroot%\File.exe). 

REG_MULTI_SZ — A Registry value entry data type that stores data in text-string format that contains multiple human-readable values separated by null characters. 


REG_SZ — A Registry value entry data type that 
stores data in text-string format. 

Regedit — The 16-bit Registry editor. Regedit 
offers global searching and combines all of the 
keys into a single display. It can be used to per- 
form searches, add new subkeys and value entries, 
alter the data in value entries, and import and 
export keys and subkeys. 

Regedt32 — The 32-bit Registry editor. Regedt32 
offers control over key and value entry security, 
but displays each root key in a separate window. 
Regedt32 also offers a read-only mode so you can 
explore the Registry without the possibility of 
accidentally altering value entries. It can be used 
to perform searches, add new subkeys and value 
entries, alter the data in value entries, and import 
and export keys and subkeys. 

Registry — The hierarchical database of system con- 
figuration data, which is essential to the health and 
operation of a Windows 2000 system. 

Remote Access Service (RAS) — The service in 
Windows 2000 that allows users to log on to the 
system remotely over phone lines. 

Remote Installation Preparation (RIPrep) — A 
type of installation used with remote OS installa- 
tion whereby an administrator can take an entire 
image of one Windows 2000 Professional machine 
and install that image onto other workstations. 

Remote Installation Services (RIS) — An 
optional service in Windows 2000 Server that 
works with various other services to enable 
remote installations, including a remote operating 
system installation. 

remote execution (rexec) — The IP-based utility 
that permits a user on one machine to execute a 
program on another machine elsewhere on the 
network. 

remote OS installation — A component of 
Remote Installation Services (RIS) that can install 
Windows 2000 Professional on remote-boot- 
enabled PCs across a network. 

remote shell (rsh) — The IP-based utility that per- 
mits a user on one machine to enter a shell com- 
mand on another machine on the network. 

removable storage device — Any type of floppy, cartridge, or drive that can be removed either between reboots or, as a hot-swappable device, while the system is running. 

rendering — Graphically creating a print job. 


replication (directory replication) — The process of two systems in a homogeneous system sharing directory information over the directory services interface. The directory services interface could be based on LDAP or the X.500 DRA (Directory Replication Agent). 

resources — Any useful service or object on a net- 
work. This includes printers, shared directories, and 
software applications. A resource can be accessible by 
everyone across the network or by only one person 
on a single machine, and at any level in between. 

restartable file copy — A RAS feature that auto- 
matically retransmits file transfers that are incom- 
plete because of a RAS connectivity interruption. 

Reverse Address Resolution Protocol (RARP) 
— Used to map from a MAC-layer address to a 
numeric IP address. 

roaming profile — A profile that resides on a net- 
work server to make it broadly accessible. When a 
user whose profile is designated as roaming logs on 
to any Windows 2000 system on the network, that 
profile is automatically downloaded when the user 
logs on. 

sector — The smallest division (512 bytes) of a 
drive’s surface. 

Secure Sockets Layer/Transport Layer Security 
(SSL/TLS) — A mechanism used primarily over 
HTTP communications to create an encrypted 
session link through the exchange of certificates 
and public encryption keys. 

Security Accounts Manager (SAM) — The data- 
base of user accounts, group memberships, and 
security related settings. 

security ID (SID) — A unique name that identifies 
a logged-on user to the security system. SIDs can 
identify one user or a group of users. 

Security log — A log automatically created by 
Windows 2000 that records security-related events. 

security options — Define and control various 
security features, functions, and controls of the 
Windows 2000 environment. 

Sequenced Packet Exchange (SPX) — Novell’s 
connection-oriented, reliable network communica- 
tions protocol. 

Serial Line Internet Protocol (SLIP) — An 
implementation of the IP protocol over serial 
lines. SLIP has been made obsolete by PPP. 


server — The networked computer that responds to 
client requests for network resources. 

Server Message Block (SMB) — The protocol 
used by Microsoft clients to request file and print 
services from Microsoft servers such as 
Windows 2000 Advanced Server. 

Server service — The Windows 2000 component that handles the creation and management of shared resources and performs security checks against requests for such resources, including directories and printers. The Server service allows a Windows 2000 computer to act as a server on a client/server network, up to the maximum number of licensed clients. 

service — A software element used by the operating 
system to perform a function. Services include 
offering resources over the network, accessing 
resources over the network, print spooling, etc. 

service pack — A collection of code replacements, 
patches, error corrections, new applications, ver- 
sion improvements, or service-specific configura- 
tion settings from Microsoft that correct, replace, 
or hide the deficiencies of the original product or 
preceding service packs or hot fixes. 

setup boot disks (or floppies) — The four disks 
used by Windows 2000 to initiate the installation 
process on computer systems that do not have an 
existing OS, do not have a CD-ROM that sup- 
ports bootable CDs, or that do not have network 
access to a Windows 2000 distribution file share. 
These disks can be created by running the 
Makeboot file from the Bootdisk directory on the 
distribution CD. 

Setup Manager — The Windows 2000 tool that 
provides you with a GUI interface for creating an 
answer file. 

share — A resource, such as an application, file, 
printer, or other device, that can be accessed over 
the network. 

shell — The default user process that is launched when a valid account name and password combination is authenticated by the WinLogon process for Windows 2000. The default shell of Windows 2000 is Windows Explorer. The default shell process manages the desktop, Start menu, taskbar, and other interface controls. The shell process defines a logged-on user’s run-time environment from the point of authentication forward, and supplies all spawned processes or commands with its access token to define their access permissions, until that account logs out. 

Simple Mail Transfer Protocol (SMTP) — The 
IP-based messaging protocol and service that sup- 
ports most Internet e-mail. 

Simple Network Management Protocol 
(SNMP) — The IP-based network management 
protocol and service that makes it possible for 
management applications to poll network devices 
and permits devices to report on error or alert 
conditions to such applications. 

simple volume — A drive configuration of all or 
part of a single drive. Does not provide any fault 
tolerance. NTFS volumes can be extended; FAT 
and FAT32 volumes cannot be extended. 

sites — The logical definitions in Active Directory 
that relate to the IP physical substructure of a com- 
pany. Sites are defined as one or more IP subnets. 
This in turn relates to your network topology. 

snap-in — A component that adds control mecha- 
nisms to a console for a specific service or object. 

spanned volume — A drive configuration of two or 
more (up to 32) parts of one or more drives or two 
or more entire drives; the elements of the spanned 
volume do not have to be equal in size. 

spooling — One of the functions of the print 
spooler, this is the act of writing the contents of a 
print job to a file on disk so they will not be lost 
if the print server is shut down before the job is 
completed. 

striped volume — A drive configuration of two or 
more (up to 32) parts of one or more drives or 
two or more (up to 32) entire drives. Data is writ- 
ten to all drives in equal amounts (in 64 KB units) 
to spread the workload and improve performance. 

subkey — A division of a Registry key, such as 
HKEY_LOCAL_MACHINE. A subkey can con- 
tain other subkeys and value entries. 

subnet — A portion of a network that might or 
might not be a physically separate network. A 
subnet shares a network address with other parts 
of the network but is distinguished by a subnet 
number. 

subnet mask — The number used to define which 
part of a computer’s IP address denotes the host and 
which part denotes the network. 


subsystem — An operating environment that emu- 
lates another operating system (such as OS/2 or 
POSIX) to provide support for applications created 
for that environment. 

synchronization (directory synchronization) — 
A process in which two systems in a heteroge- 
neous system share directory information, using an 
interim agent. The agent contains mapping tables 
and protocol support for both directories. 

synchronization object — Any of a special class of 
objects within the Windows 2000 environment 
that are used to synchronize and control access to 
shared objects and critical sections of code. 

Sysdiff — The Windows 2000 utility used to take a 
snapshot of a basic installation and, after changes 
have been made, record the changes and then apply 
them to another installation. 

System log — A log automatically created by 
Windows 2000 that records information and alerts 
about the Windows 2000 internal processes. 

System Monitor — The utility that tracks registered 
system or application objects, where each such 
object has one or more counters that can be 
tracked for information about system behavior. 

system partition — In Windows 2000, the disk that contains the MBR and partition boot sector; the active partition where the boot files required to display the boot menu and initiate the booting of Windows 2000 are stored.

System Preparation tool (Sysprep) — A tool used to duplicate an entire hard drive. This tool is useful when installing Windows 2000 onto multiple identical systems that require identical configurations.

system state data — A collection of system-specific 
data that can be backed up and restored using the 
Windows 2000 Backup utility. 

Task Scheduler — The component of Windows 
2000 used to automate the execution or launch of 
programs and batch files on the basis of time and 
system conditions. 

Telephony Application Programming Interface (TAPI) — A Windows feature that supplies a uniform way of accessing fax, data, and voice. TAPI is part of the Windows Open System Architecture (WOSA) developed to aid third-party vendors in designing powerful, integrated telephony applications.

Telnet — The TCP/IP-based terminal emulation 
protocol used on IP-based networks to permit 
clients on one machine to attach to and operate 
on another machine on the network as if the 
other machines were terminals locally attached to 
a remote host. 

thread — In the Windows 2000 run-time environment, a thread is the minimum unit of system execution and corresponds roughly to a task within an application, the Windows 2000 kernel, or within some other major system component. Any task that can execute in the background can be considered a thread (for example, run-time spell checking or grammar checking in newer versions of MS Word), but it’s important to recognize that applications must be written to take advantage of threading (just as the operating system itself is).

Trace log — A log that records data when only certain events occur. Trace logs record nonconfigurable data from a designated provider when an event occurs.

transaction log — A file created by Windows 2000 
to record Registry changes. These files, with a log 
extension, are used to verify that changes to the 
Registry are made successfully. 

transitive bidirectional trust — A standard trust 
relationship that occurs when a domain joins an 
existing tree. All domains in the Active Directory 
tree have two-way trusts established automatically. 

Transmission Control Protocol (TCP) — The reliable, connection-oriented, IP-based transport protocol that supports many of the most important IP services, including HTTP, SMTP, and FTP.

Transmission Control Protocol/Internet Protocol (TCP/IP) — A suite of Internet protocols upon which the global Internet is based. TCP/IP is the default protocol for Windows 2000.

Transport Driver Interface (TDI) — The specification to which all Windows transport protocols must be written to be used by higher-layer services, such as programming interfaces, file systems, and interprocess communication mechanisms.

Trivial File Transfer Protocol (TFTP) — A lightweight alternative to FTP that uses UDP to provide only simple get-and-put capabilities for file transfer on IP-based networks.

trusts — The administrative links that allow user and 
group object security information to pass between 
secure boundaries (domains) in Active Directory. 

unattended installation — A Windows 2000 installation that uses a previously made script to install from. Such an installation method does not require user interaction.

uniqueness database file (UDF) — A text file that 
contains a partial set of instructions for installing 
Windows 2000, to specify settings for individual 
users. Used to supplement an answer file, when 
only minor changes are needed that don’t require a 
new answer file. 

Universal Naming Convention (UNC) — A multivendor, multiplatform convention for identifying shared resources on a network.

upgrade installation — The installation method in 
which data and configuration settings from the 
previous operating systems remain intact. The level 
or amount of retained data varies according to the 
existing operating system’s type. 

user account — A named security element used by 
a computer system to identify individuals and to 
record activity, control access, and retain settings. 

User Datagram Protocol (UDP) — A lightweight, connectionless transport protocol used as an alternative to TCP in IP-based environments to supply faster, lower overhead access, primarily (but not exclusively) to local resources.

user mode — (1) Systems running in user mode are 
operating in virtual private memory areas for each 
process, so that each process is protected from all 
others. User-mode processes may not manipulate 
hardware, but must send requests to kernel-mode 
services to do this manipulation for them. (2) The 
condition of a console that prevents adding or 
removing snap-ins or resaving the console file. 

user profile — A collection of user-specific settings that retain the state of the desktop, start menu, color scheme, and other environmental aspects across logons. By default, user profiles are stored in \Documents and Settings\<username>, where username is the name of the user to whom the profile applies.

User Rights Policy — Defines which groups or 
users can perform the specific privileged action. 

value — The actual data stored by a value entry. 

value entry — A named Registry variable that 
stores a specific value or data string. A Registry 
value entry’s name is typically a multiword phrase 
without spaces and with title capitalization. 

virtual device driver (VDD) — A device driver used by virtual DOS machines (VDMs) to provide an interface between the application, which expects to interact with a 16-bit device driver, and the 32-bit device drivers that Windows 2000 provides.

virtual DOS machine (VDM) — A Win32 application that emulates a DOS environment for use by DOS and Win16 applications.

virtual memory — A Windows 2000 kernel service 
that stores memory pages that are not currently in 
use by the system in a paging file. This frees up 
memory for other uses. Virtual memory also hides 
the swapping of memory from applications and 
higher-level services. 

Virtual Memory Manager (VMM) — The part of 
the operating system that handles process priority 
and scheduling, providing the ability to preempt 
executing processes and schedule new processes. 

virtual private networks (VPNs) — Network connections that use encryption to transport private data across public links.

volume — (1) In basic storage, a collection of 2 to 
32 partitions into a single logical structure. (2) In 
dynamic storage, any division of a physical drive or 
collection of divisions into a drive configuration. 

volume set — A collection of disk partitions that are 
treated as a logical drive. A volume set may be 
expanded after it has already been created. To 
make a volume set smaller, however, you must 
back up all the data, delete the volume set, define 
a new (smaller) volume set, and restore the data to 
that set. If you lose one drive in a volume set, you 
lose all the data in the entire set, because it offers 
no fault tolerance. 

Win16 operating environment — The collection of components, interfaces, and capabilities that permits Win16 applications to run within a VDM within the Win32 subsystem on Windows 2000.

Win16-on-Win32 subsystem (WOW) — The formal name for the collection of components, interfaces, and capabilities that permits the Win32 subsystem to provide native support for well-behaved 16-bit Windows applications.

Win32 — The main 32-bit subsystem used by Win32 
applications and other application subsystems. 

Windows 2000 Advanced Server — The new Microsoft network operating system (NOS) version designed to function as a high-end resource on a network.

Windows 2000 Datacenter Server — An enhanced version of Windows 2000 Server developed to host high-end applications, as well as support data warehousing, real-time transaction processing, and enterprise Web site hosting.

Windows 2000 Professional — The new Microsoft 
NOS version designed to function as a 
client/workstation on a network. 

Windows 2000 Server — The new Microsoft NOS 
version designed to function as a resource host on 
a network. 

Windows 3.x — An older, 16-bit version of Windows. Windows 2000 supports backward compatibility with most Windows 3.x applications.

Windows 95 — The 32-bit version of Windows 
that can operate as a standalone system or in a 
networked environment. 

Windows 98 — An updated version of Windows 95 
with improved Internet and network connectivity. 

Windows for Workgroups — A version of 
Windows 3.x that includes minimal network 
support to allow the software to act as a 
network client. 

Windows Installer Service (WIS) — A component 
of Windows 2000 that manages the installation and 
removal of applications by applying a set of centrally 
defined setup rules during the installation process. 

Windows Internet Naming Service (WINS) — A service that provides NetBIOS name-to-IP-address resolution.

Windows NT — The Microsoft network operating 
system that was the predecessor to Windows 2000. 

WinLogon — The process used by Windows 2000 to 
control user authentication and manage the logon 
process. WinLogon produces the logon dialog box 
where username, password, and domain are selected, 
and it controls automated logon, warning text, the 
display of the shutdown button, and the display of 
the last user to log onto the system. 

Winnt — The 16-bit Windows 2000 installation 
program. 

Winnt32 — The 32-bit Windows 2000 installation 
program. 

wizard — A tool or utility that has an interactive 
step-by-step guide to walk you through a complex 
or detailed configuration process. 

workgroup — A networking scheme in which resources, administration, and security are distributed throughout the network.

workgroup model — The networking setup in 
which users are managed jointly through the use 
of workgroups to which users are assigned. 

Workstation service — The Windows component that supports client access to network resources and handles functions such as logging on, connecting to network shares (directories and printers), and creating links using the Windows 2000 IPC options.

X.25 — An ITU standard for packet-switched networking; common outside of the United States where its robust handling makes it a good match for substandard telephone networks.

X.500 — A series of International Telecommunications Union (ITU) protocol recommendations that specify a model for connecting local directory services to form one distributed global directory.

x86 — The chip architecture used by Intel and others to create 386 and later CPUs (including the Pentium).